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AMENDMENTS TO THE CLAIMS 
This listing of claims will replace all prior versions, and list ings, of claims in the 

application: 

Listing of claims: 

1 . (currently amended) A method lor validating credentials comprising: 
inputting, at a first system that grants session credentials based on successful 
authentication, a request from a client to access a protected resource on the first system, the 
protected resource on the first system being accessible by the client only after successful 
authentication of the client at the first system; 

determining, at the first system that a client does not have a valid session 
credential granted by the first system; 
| after die tleternunjn^retrieving, at die first system, information from a session 

token held by the client, the information being retrieved from the client, the information 
corresponding to a session credential for the second system, the second system (1) grants 
session credentials based on successful authentication at the second system, and (2) includes a 
protected resource on the second system that is accessible by the client; the protected resource 
on the second system being accessible by the client only after successful authentication of the 
client at the second system; 

the first system presenting ai least some of the information from the session 
token to the second system; 

the first system inputting a determination from the second system that the client 

has a valid session credential wjdi the second system; 
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the first system effecting successful authentication to the client so as to grant 
access, to the protected resource on the first system, to the client based on the determination 
from the second system that the client has a valid session credential with the second system; 
and 

directing the client to the first system to establish a session credential based on 
successful authentication at the first system, after determining that die client does not have a 
valid session credential granted by the second system. 

2. (previously presented) A method according to claim 1, further comprising 
granting a session credential to the client by (he first system, after determining that the client 
has a valid session credential granted by the second system. 

3. (previously presented) A method according to claim 1 , further comprising 
sending a session token to the client, the token corresponding to a session credential granted by 
the first system. 

4. (previously presented) A method according to claim 1, further comprising 
directing the client to the second system to establish a session credential based on successful 
authentication at the second system, after determining that the client docs not have a valid 
session credential granted by die second system. 

5. (canceled). 

6- (previously presented) A method according to claim 1 , further comprising 
maintaining the client session credential grained by the second system. 
7. (canceled) 

8- (original) A method according to claim 1 , wherein retrieving information 

3 
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from the session token held by the client comprises: 

sending a query to the client from the first system, the query including 
identification as originating from a domain name corresponding to the second system; and 
receiving a response: to the query. 

9. (currently amended) A method for validating session credentials of a 
client comprising: 

inputting, at a first system that grants session credentials based on successful 
authentication, a request from a client to access a protected resource on the first system, the 
protected resource on the first system being accessible by the client onjy after successful 
authentication of the client at the fust system; 

determining, at the ilrsl system that a client docs not have a valid session 
credential granted by the first system; 

alter th5 determining, retrieving, at the first system, information from a session 
token held by the client, the information being retrieved from die client, the information 
corresponding to a session credential for die second system that grants session credentials based 
on successful authentication at the second system, and the second system including a protected 
resource that is accessible by die client, the retrieving information from the session token held 
by die client comprises receiving a session token from the client corresponding to the second 
system, and the protected resource on the second system being accessible by the client only 
after successful authentication of die client at the second system; 

presenting at least some of the information from the session token to the second 

system; 

4 
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determining whether the client has a valid session credential granted hy the 
second system, the determining whether the client has a valid session credential granted by the 
second system is at least partially from presenting information from the session token; 

the firsr system inputting a determination from the second system that the client 
has a vfllid session credential with the second system; 

granting a session credential to thedient on the first system, after determining ■ 
that the client has a valid session credential granted by the second system; 

.sending a session token to the client, the session token corresponding to the 
session credential granted by the first/system, the session token allowing the client access to 
protected resource*; on the iirst system, so as to provide successful authentication to the client; 
and 

maintaining the client session credential; and 

the first system inputting information from the second system, and in response, 
the first system ouLpulting, to the second system, a determination that the first system has a 
valid session credential for the client at the first system, and 

the second system effecting successful authentication so as to grant access, to the 
Turther protected resource on the second system, to the client based on the determination from 
the first system that the client has a valid session credential with the first system. 

10. (currently amended) Computer executable software code stored on a 
computer-readable medium and transmitted as an information signal, the code for validating 
credentials, the code comprising: 

code to input, at a first system that grants session credentials based on successful 

5 
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authentication, a request from a client to access a protected resource on the first system, the 
protected resource on the first system being accessible by the client only after successful 
authentication of the client at the firsi system; 

code to determine, at the first system, that a client does not have a valid session 
credential granted by the first system; 

code to retrieve, after the rintftrminino thn t the cl fciji Hnrs not have. val i d sess j y n 
credential panted by the first system, at the first system, information from a session token held 
by the client, die information corresponding to a session credential for the second system that 
grants session credentials based on successful authentication at the second system, the second 
system including a protected resource that is accessible by the client, and the protected resource 
on the second system being accessible by the client only after successful authentication of the 
client at the second system; 

code to present at least some of the information from the session token to (he 
second system; and 

. code to input, from the second system to the first system, a determination 
whether the client has a valid session credential grunted by the second system; and 

code to effect successful authentication so as to grant access to the protected 
resource on the first system, to the client based on the determination from the second system 
that the client has a valid session credential with the second system; and 

code to direct the client to die first system to establish a session credential based 
on successful authentication at the first system, after determining that the client does not have a 
valid session credential granted by the second system. 



PAGE 10/25 1 RCVD AT 6/17/2008 10:02:17 PM [Eastern Daylight Time] 1 SVRiUSPTO-EFXRF-613 * DNIS:273830O * CSID: ' DURATION (mnws):03-20 



JUN-17-2008 22:01 From:HUNTON & UlILLftMS 



To:USPTO 



P. 11'25 



PATENT APPLICATION I 0/1)26,403 
Attorney DOCKET: 72 1 67.0W.I570 



1 1 . (Currently amended) A computer readable medium having computer 
executable code stored thereon, die code for validating credentials, the code comprising: 
code to input, at a first system that grants session credentials based on successful authentication, 
a request from a client to access a protected resource on the first system, the protected resource 
on the first system being accessible by the client only after successful authentication of the 
client at ihe first system; 

code to determine, at the first system that the client does not have a valid session 
credential granted by the first system; 

code to retrieve from the client, at the first svstem _and after the foff minim? that 
Ihq client doe s npt have a valid session credential pa wed hv the firs t system , information from 
a session token held by the client, die information corresponding to a possible session credential 
for the second system that grants session credentials based on successful authentication at the 
second system and that has a protected resource that is accessible by the client, the protected 
resource on die second system l>eing accessible by the client only after successful authentication 
of the client, at the second system- 
code to present at least some of the information from the session token to the 
second system; and 

code to input, from the second system to the first system, a determination 
whether the client has a valid session credential granted by die second system; and 

code to effect successful authentication to the client so as to grant access lo the 
protected resource or. the first system, to the client based on die determination from the second 
system that the client has a valid session credential with the second system.. 
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12. (currently amended) A programmed computer for validating 
credentials, comprising: 

a memory having at least one region for storing computer executable program 

© 

code; and 

a processor for executing the program code stored in the memory, wherein the 
program code comprises: 

code to input, at a first system that grants session credential based on successful authentication, 
a request from a client to access a protected resource on the first system, the protected resource 
on the first system being accessible by the elient only after successful authentication of the 
client at the first system; 

code to determine, at the first system that the client does not have a valid session 
credential granted by the. first system; 

code to retrieve, at the first system and after the, deiprm i ning thai the d i em doe* 
not have- a valid sessi o n credential granted b v the first mm information from a session token 
held by the client, the information corresponding to a session credential for the second system 
that grants session credentials based on successful authentication at the second system, the 
second system including a protected resource that is accessible by the client, the protected 
resource on the second system being accessible by the client only after successful authentication 
of the client at the second system; 

code to present at least some of the information from the session token to the 
second system; and 

code, to input, from the second system to the first system, a delermi nation 
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whether the client has a valid session credential granted by the second system and 

code to effect successful authentication so as to grant access to the protected 
resource on the first system, U> the client based on the detenu j nation from the second system 
that the client has a valid session credential with the second system; 

code to direct the client to the first system to establish a session credential based 
on successful authentication at the first system, afrer determining that the clicuL does not have a 
valid session credential granted by the second system; 

code ro input into the First system information from the second system, and in 
response, output from die first system, to the second system, a determination that the first 
system has a valid session credential for the client at the iirsL system, and 

code to effect successful authentication with the second system so as to grant 
access, to the further protected resource on the second system, to the client based on the 
determination from the first system that the client has a valid session credential with the first 
system, 

1 3. (currently amended) A method for establishing session credentials 

comprising: 

inputting, at a first sysLem that grants session credentials based on successful 
authentication, a request from a client to access a protected resource on the first system, the 
protected resource on the first system being accessible by the client only after successful 
authentication of the client at the first system; 

determining at the first system that the client does nor have a valid session 
credential granted by a first system; 
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determining that the client does not have a valid session credential grunted by a 
second system based on successful authentication at the second system; 

sending, from the first system to the client, a log iii page; 

receiving, at die fi rst system from the cl ient, log jn information; 

sending, from the first system to the second system, the Jog in information; and 

after the determining m thr tW system ihm rh* Hiftnt do cs not hnv r. _v»f j.j 
session credential granted hvn fiiyi, sy^m receiving, at the first system from the second 
system, information corrcsixmding to a session credential granted by the second system, the 
session credential granted by the second system based at least in part on the log in information 
and successful authentication at the second system, the second system being one that (1) grants 
session credentials based on successful authentication at the second system, and (2) includes a 
protected resource on the second system that is accessible by the client, the protected resource 
on the second system being accessible by the client only after successful authentication of the 
client at the second system; and 

the first system effecting successful authentication so as to grant access, to a 
protected resource on the first system, to the client based on the determination Irom the second 
system that the client has a valid session credential with the second system; 

the first system inputting information from the second system, and in response, 
the first system outputting, to the second system, a determination that the first system has a 
valid session credential for the client at the first system, and 

the second system effecting successful authentication so as to grant access, to the 

further protected resource on the second system, to the client based on the determination from 

10 
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the first system that the client has a valid session credential with the first system 



14. (previously presented) A method according to claim 1.3, further 
comprising granting a session credential for the first system, 

15. (previously presented) A method according to claim 13, further 
comprising granting a session credential for the second system, 

16. (previously presented) A method according u> claim 13, further 
comprising associating session credentials for the first system and the second system with the 
client. 

1 1, (currently amended) A method for establishing session credentials for 
client, the method comprising: 

inputting, at a first system that grants session credentials based on successful 
authentication, a request from a client ro access a protected resource on the first system, the 
protected resource on the first system being accessible by the client only after successful 
authentication of the client at the first system; 



mken held bv the clisnL ihe information retriev ed from ihe H i ent. tbp inform ^ 

gorrg^ondiriij to a sessio n crodc^ i yl For the secofl o' system 

inputting information at the first system, from the second system, that the client 
does not have a valid session credential granted by the second system, the second system 

including a protected resource, the protected resource on the second system being accessible b; 
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Che client only after successful authentication of the client at the second system; 

sending, from the second system to the client, a log in page; 
receiving, at the second system twin the client, log in information; and 
sending, from the second system to the first system, information corresponding 

to a session credential granted by the second system, the session credential granted by the 

second system based at least in pan on the log in information and successful authentication at 

the second system; and 

granting a session credential to the client (or the first system so as to provide 
successful authentication, such that the client is granted access to a protected resource on the 
first system; 

the first system inputting information from the second system, and in response, 
the first system outputting, ro the second system, a determination that the fust system has a 
valid session credential for the client at the firsr system, and 

the second system effecting successful authentication so as to grant access, to the 
further protected resource on the second system, to the client based on the determination from 
the first system that the client has a valid session credential with die first system. 

18. (original) A method according to claim 17, further comprising granting a 
session credential for the second system. 

19. (original) A method according to claim 17, farther comprising associating 
session credentials lor the first system and the second system with the client. 

20. (Currently amended) A method for validating credentials comprising: 

inputting, at a first system that grants session credentials based on successful 

12 
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authentication, a request from a client to access a protected resource on the first system 
determining, at. the first system that a client does not have a valid session 

credential granted by the first system; 

redirecting the client to the second system that grants session credentials based 

on successful authentication at the second system, the second system having a protected 

resource that is accessible by the client; 

sending, from the second system to the first system, session credentials granted 
by the second system; 

sending, from the first system to die second system, the session credentials 
granted by the second system; 

determining, at the second system, that the session credentials granted by the 
second system, and received from the first system, are valid; and 

sending, from the second system to the first system, information indicating that 
the session credentials granted by the second system are valid; and 

inputting, at the .second system tltat grants session credentials based on 
successful authentication, a request from a cJient to access a protected resource on the second 
system 

determining, at the second system that a client does not have a valid session 
credential granted by the second system; 

— = after such det e rmining r fttrievinp , at the second system, ^form;ir io n fr qm n 

Session toke n ed by client , th e., inforn^j ffn heinp retrieve^ fmm the clicnj, i,he inft^n;™ 
Corresponding lo a session credent^ for the. fW cver^ 
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redirecting the client to the first system that grants session credentials based on 
successful authentication at the first system; 

sending, from the first system to the second system, session credentials granted 
by the first system; 

sending, from the second system to the first system, the session credentials 
granted by fhe first system; 

determining, at the first, system, that the session credentials granted by the first 
system, and received from the second system, are valid; and 

sending, from the first system to the second system, information indicating that 
the session credentials granted by the first system are valid. 

21. (canceled) 

22. (canceled) 

23. (currently amended) A method for validating credentials comprising: 
inputting, at a first system that grants session credentials based on successful 

authentication, a request from a client to access a protected resource on the first system, the 
protected resource being accessible upon successful authentication of the client at the first 
system; 

determining, at the first system that the client docs not have a valid session 
credential granted by the first system, so as to allow the client access to the protected resource 
on the first system; 

_ afar the dete r mining, retrieving, at th fi fir*t , y st cm_ inlormnt jon fmm fl ^ tm 

Client, the information beiniyelrievcd from the Hir-m , ihP informa t ion 
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COiresnondiiiP to n sr.ssion credential for the se cond svxi^ m: 

the first system communicating with u second system, the second system having 
a further protected resource on the second system, the further protected resource being 
accessible upon successful authentication of the client al the second system; 

the first system presenting information to the second system; 
the first system inputting a determination from the second system that the client 
has a valid session credential with the second system; 

the first system effecting successful authentication so as to grant access, lo the 
protected resource on the first system, to the client, based on the determination from the second 
system that the client has a valid session credential with the second system; 

the first system inputting information from the second system, and in response, 
the first system outputting, to the second system, a determination that the first system has a 
valid session credential for the client at the first system; and 

the second system effecting successful authentication so as to grant access, to the further 
protected resource on the second system, to the client based on the determination from the first 
system that the client has a valid session credential with the first system. 

24. (canceled) 

25. (previously presented) The method of claim 23, wherein the protected 
resource in the first system i ncludcs content provided on a pay-pcr-use basis, and wherein the 
protected resource in die second system includes content provided on a pay-per-use basis. 

26. (previously presented) The method of claim 23, wherein the protected 

resource in the first system includes content provided on a subscription basis, and wherein the 
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protected resource in the second system includes content provided on a subscription basis. 
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